<?php
require(dirname(__FILE__)."/"."../inc/common.inc.php");
admin(0);
extract($_REQUEST);
$servername=$HTTP_SERVER_VARS['SERVER_NAME']; 
$sub_from=$HTTP_SERVER_VARS["HTTP_REFERER"]; 
$sub_len=strlen($servername); 
$checkfrom=substr($sub_from,7,$sub_len); 
if($checkfrom!=$servername){ 
//echo("警告！你正在从外部提交数据！！请立即终止！！"); 
//exit; 
} 
$uptypes=array('image/jpg', 	//上传文件类型列表
'image/jpeg',
'image/png',
'image/pjpeg',
'image/gif',
'image/bmp',
'application/x-shockwave-flash',
'image/x-png');	
$time=time();
$max_file_size=5000000;  	//上传文件大小限制,	单位BYTE
$destination_folder="../upload/photo/".date("Ym",$time)."/";	//上传文件路径
$destination_folde1r="../upload/photo/".date("Ym",$time)."/";
?>
<!doctype html>
<html>
<head>
 
<meta charset="utf-8">
<title>up</title>
<style	type="text/css">
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
 
 
}
body,td{font-family:tahoma,verdana,arial;font-size:11px;line-height:15px;color:#666666;margin-left:20px;}
strong{font-size:12px;}
a:link{color:#0066CC;}
a:hover{color:#FF6600;}
a:visited{color:#003366;}
a:active{color:#9DCC00;}
table.itable{}
td.irows{height:20px;}
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
	background-color: #FFFFFF;
}
</style>
	<style	type="text/css">
    body {
        margin-left: 0px;
        margin-top: 0px;
        margin-right: 0px;
        margin-bottom: 0px;
    }
    body,td{color:#666666;margin-left:20px;}
    strong{font-size:12px;}
    a:link{color:#0066CC;}
    a:hover{color:#FF6600;}
    a:visited{color:#003366;}
    a:active{color:#9DCC00;}
    table.itable{}
    td.irows{height:20px;}
    body {
        margin-left: 0px;
        margin-top: 0px;
        margin-right: 0px;
        margin-bottom: 0px;
        background-color: #FFFFFF;
    }
    .upfile{
        background:url('images/upfile.png');
        background-repeat:no-repeat;
        -webkit-background-size:100%;
        background-size:100%;
        border:none;
        width:20px;
        height:23px;
    }
    .browse{
        background:url('images/browse.png');
        background-repeat:no-repeat;
        -webkit-background-size:100%;
        background-size:100%;
        border:none;
		
		opacity:0;
filter:alpha(opacity=0);
 cursor: pointer;
		
    }
    input[type=file]{
        display: inline-block;
        width:100%;
        opacity: 0;
		cursor: pointer;
    }
</style>
</head>
<BODY>
    <table border="0" cellpadding="0" cellspacing="0">
        <form enctype="multipart/form-data"	method="post"	name="upform">
            <tr>
                <td>
                    <input type="hidden" name="upbot" value="<?=$_GET['id']?>">
					
			 <a style="background:url(images/upfile1.png);display:inline-block;width:20px;background-repeat:no-repeat;background-size:100%; height: 25px; margin: 0px; padding: 0px; cursor: pointer">
                        <input name="upfile" type="file" class="browse" style="" size="0" value="" onchange="if(this.value!=''){document.upform.submit();}">
                    </a>
                </td>
                <td>
                   <?php /*?> <input	type="submit" class="button" style="padding:1px 20px;" value="上传" ><?php */?>
                </td>
            </tr>
        </form>
    </table>
<?php
if	($_SERVER['REQUEST_METHOD']	==	'POST'){
if	(!is_uploaded_file($_FILES["upfile"]['tmp_name'])){	
echo	"<script>alert('文件不存在！');</script>";
exit;
}
$file	=	$_FILES["upfile"];
if($max_file_size	<	$file["size"]){
echo	"<script>alert('文件太大！');</script>";
exit;
}

if(!in_array($file["type"],	$uptypes)){
	echo	"<script>alert('只能上传图像文件或Flash！');</script>";
	exit;	
}
if(!file_exists($destination_folder))
mkdir($destination_folder);
$filename=$file["tmp_name"];
$image_size	=	getimagesize($filename);	
$pinfo=pathinfo($file["name"]);
$ftype=$pinfo['extension'];
$destination	=	$destination_folder.time().".".$ftype;
if	(file_exists($destination)	&&	$overwrite	!=	true){
    	echo	"<script>alert('同名文件已经存在了');</script>";
    	exit;
 	}
if(!move_uploaded_file	($filename,	$destination)){
  	echo "<script>alert('移动文件出错！');</script>";
    exit;
}
$pinfo=pathinfo($destination);
$fname=$pinfo['basename'];
echo"<script>
parent.document.getElementById('{$upbot}').value='".$destination_folde1r.$fname."';
parent.document.getElementById('{$upbot}_img').src='".$destination_folde1r.$fname."';
</script>";
}
exit;
?>
</body>
</html>